package site.kitcheng.springboottest.infra.config.oauth2;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.web.SecurityFilterChain;

/**
 * ClassName: ResourceServerConfig
 * Package: site.kitcheng.springboottest.infra.config.oauth2
 * Description:
 *
 * @Author jiangCheng
 * @Create 2025/3/13 9:31
 * @Version 1.0
 */
//@Configuration
public class ResourceServerConfig {

    @Bean
    @Order(3)
    public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
        http.authorizeHttpRequests(auth -> auth
                        .requestMatchers("/**").permitAll()
                        .anyRequest().authenticated())
                .oauth2ResourceServer(oauth2 -> oauth2.jwt(Customizer.withDefaults()));  // 新方法

        return http.build();
    }
}
